On Wed, 2005-01-12 at 09:14, Ken Smith wrote: > This is cool. I didn't realize it was that easy to add new functions > to > gmake. One thing though for those thinking of cutting and pasting > this > code for modification into their gmake source. (I'm sure JGC realizes > this as the example is pedantic.) The character string "f" in the > below > example is allocated on the stack with a fixed size. If "argv[0]" > happens to exceed the allocated space, you have a classic buffer > overrun > situation. It may not cause a crash or open a security vulnerability > but it is dangerous to code this way.
Yes, absolutely. This was a massively quick hack before I hopped on a flight cross country, which was later cancelled :-(, and clearly the fixed size buffer is bad for all sorts of reasons. John. -- John Graham-Cumming Home: http://www.jgc.org/ Work: http://www.electric-cloud.com/ POPFile: http://getpopfile.org/ _______________________________________________ Help-make mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-make
